<?php
/*
+-----------------------------------------------------------------------------+
| $Id: *.php 2009-08-18 08:41:22Z Bleakwind $
| Copyright (c) 2003-2010 Bleakwind (www.weaverdream.com)
| http://www.weaverdream.com/
+-----------------------------------------------------------------------------+
*/

if (!defined( 'ENTRY_INDEX')){
    echo "<h1>Forbidden</h1><p>You don't have permission to access on this server.</p>";
    exit;
}


if($sys->get['ope'] == "add_id"){

    if(!preg_match("/^[1-9][0-9]{0,10}$/i",$sys->get['mid'])){
        $sys->cp_prompt("failed",$LANGUAGE['s']['cp_friend']['friend_id_add_error']."<!-- friend_id_add_error -->");
    }elseif($sys->get['mid'] == $MEMBER['id']){
        $sys->cp_prompt("failed",$LANGUAGE['s']['cp_friend']['cannot_add_self']."<!-- cannot_add_self -->");
    }else{

        $result_member = func::db_select(DB_TABLE_MEMBER, array("id"), "id=".addslashes($sys->get['mid']));
        $result_member = $result_member[0];
        $result_friend = func::db_select(DB_TABLE_MEMBER_FRIEND, array("mid"), "mid=".$MEMBER['id']." AND fid=".$result_member['id']);
        $result_friend = $result_friend[0];
        if(empty($result_member)){
            $sys->cp_prompt("failed",$LANGUAGE['s']['cp_friend']['friend_not_exist']."<!-- friend_not_exist -->");
        }elseif(!empty($result_friend)){
            $sys->cp_prompt("failed",$LANGUAGE['s']['cp_friend']['friend_already_exist']."<!-- friend_already_exist -->");
        }else{

             $sql = "INSERT ".DB_TABLE_MEMBER_FRIEND." SET
                        mid                 =".$MEMBER['id'].",
                        fid                 =".$result_member['id'].",
                        remark              =NULL,
                        time_created        =".$sys->nowtime.",
                        rank                =0";
             $result_friend = $db->Execute($sql);
             if (!$result_friend) {
                 echo $db->ErrorMsg();
             }

             $sys->cp_prompt("jump",$CONFIGURE['common']['control_index']."?act=cp_friend");
        }
    }

}elseif($sys->get['ope'] == "add_username"){

    if ( empty($sys->post['username'])
        || preg_match("/[\x01-\x2E]|[\\x2F]|[\x3A-\x40]|[\x5B-\x5E]|[\x60]|[\x7B-\x7F]/",$sys->post['username']) ) {
        $sys->cp_prompt("failed",$LANGUAGE['s']['cp_friend']['friend_username_add_error']."<!-- friend_username_add_error -->");
    }else{
        $result_member = func::db_select(DB_TABLE_MEMBER, array("id"), "username='".addslashes($sys->post['username'])."'");
        $result_member = $result_member[0];
        $result_friend = func::db_select(DB_TABLE_MEMBER_FRIEND, array("mid"), "mid=".$MEMBER['id']." AND fid=".$result_member['id']);
        $result_friend = $result_friend[0];
        if(empty($result_member)){
            $sys->cp_prompt("failed",$LANGUAGE['s']['cp_friend']['friend_not_exist']."<!-- friend_not_exist -->");
        }elseif(!empty($result_friend)){
            $sys->cp_prompt("failed",$LANGUAGE['s']['cp_friend']['friend_already_exist']."<!-- friend_already_exist -->");
        }elseif($result_member['id'] == $MEMBER['id']){
            $sys->cp_prompt("failed",$LANGUAGE['s']['cp_friend']['cannot_add_self']."<!-- cannot_add_self -->");
        }else{

             $sql = "INSERT ".DB_TABLE_MEMBER_FRIEND." SET
                        mid             =".$MEMBER['id'].",
                        fid             =".$result_member['id'].",
                        remark          ='".addslashes($sys->post['add_remark'])."',
                        time_created    =".$sys->nowtime.",
                        rank            ='".(int)addslashes($sys->post['add_rank'])."'";
             $result_friend = $db->Execute($sql);
             if (!$result_friend) {
                 echo $db->ErrorMsg();
             }

             $sys->cp_prompt("jump",$CONFIGURE['common']['control_index']."?act=cp_friend");
        }
    }

}elseif($sys->get['ope'] == "del"){

    if(!preg_match("/^[1-9][0-9]{0,10}$/i",$sys->get['mid'])){
        $sys->cp_prompt("failed",$LANGUAGE['s']['cp_friend']['friend_id_del_error']."<!-- friend_id_del_error -->");
    }else{
        $sql = "DELETE FROM ".DB_TABLE_MEMBER_FRIEND." WHERE
                    mid=".$MEMBER['id']." AND fid = '".$sys->get['mid']."'";
        $result = $db->Execute($sql);
        if (!$result) {
            echo $db->ErrorMsg();
        }
    }
    $sys->cp_prompt("jump",$CONFIGURE['common']['control_index']."?act=cp_friend");

}else{

    function set_value_onfocus($name, $id, $value, $type="text", $maxlength="255", $style="")
    {
        global $MEMBER, $db, $sys;
        $ajax_response = new xajaxResponse();
        if (!empty($style)) { $style = "style=\"".$style."\""; }

        if ($type == "text") {
            $result = '<input type="text" id="'.$name.'_'.$id.'_input" name="'.$name.'_'.$id.'_input" value="'.$value.'" maxlength="'.$maxlength.'" size="6" class="input" '.$style.' onblur="xajax_set_value_onblur(\''.$name.'\', \''.$id.'\', this.value);">';
            $ajax_response->assign($name.'_'.$id, "innerHTML", $result);
            $ajax_response->script("$('#".$name."_".$id."_input').focus();");
        } elseif($type == "textarea") {
            $result = '<textarea id="'.$name.'_'.$id.'_input" name="'.$name.'_'.$id.'_input" rows="1" cols="6" class="textarea" '.$style.' onblur="xajax_set_value_onblur(\''.$name.'\', \''.$id.'\',  this.value);">'.$value.'</textarea>';
            $ajax_response->assign($name.'_'.$id, "innerHTML", $result);
            $ajax_response->script("$('#".$name."_".$id."_input').focus();");
        } elseif ($type == "textarea_resize") {
            $result = '<textarea id="'.$name.'_'.$id.'_input" name="'.$name.'_'.$id.'_input" rows="1" cols="6" class="textarea" '.$style.' onblur="xajax_set_value_onblur(\''.$name.'\', \''.$id.'\', this.value);">'.$value.'</textarea>';
            $ajax_response->assign($name.'_'.$id, "innerHTML", $result);
            $ajax_response->script("$('#".$name."_".$id."_input').resizable({ autohide: true, minWidth: 200, minHeight: 100,  maxWidth: 800, maxHeight: 600 });");
            $ajax_response->script("$('#".$name."_".$id."_input').focus();");
        } elseif($type == "checkbox") {
            $checked = $value == "1" ? "checked" : "";
            $result = '<input type="checkbox" id="'.$name.'_'.$id.'_input" name="'.$name.'_'.$id.'_input" value="1" '.$checked.' class="checkbox" '.$style.' onblur="xajax_set_value_onblur(\''.$name.'\', \''.$id.'\', this.checked == true ? 1 : 2);">';
            $ajax_response->assign($name.'_'.$id, "innerHTML", $result);
            $ajax_response->script("$('#".$name."_".$id."_input').focus();");
        }
        return $ajax_response;
    }
    $bwajax->register(XAJAX_FUNCTION, "set_value_onfocus");

    function set_value_onblur($name, $id, $value="")
    {
        global $MEMBER, $db, $sys;
        $ajax_response = new xajaxResponse();
        $if_error   = false;
        $error_msg  = array();

        // check
        if ($name == "rank") {
            if ( !preg_match("/^[0-9]{1,11}$/",$value) ) {
                $if_error       = true;
                $error_msg[]    = $LANGUAGE['s']['cp_friend']['rank_must_number'];
            }
        }

        // update
        if (!$if_error) {
            $sql = "UPDATE ".DB_TABLE_MEMBER_FRIEND." SET
                        ".$name."   = '".addslashes($value)."',
                        time_change = '".$sys->nowtime."'
                    WHERE mid=".$MEMBER['id']." AND fid=".$id."";
            $result = $db->Execute($sql);
            if (!$result) {
                $if_error       = true;
                $error_msg[]    = $db->ErrorMsg();
            }
        }

        // select and set hidden value
        if (!$if_error) {
            $sql = "SELECT ".$name."
                    FROM ".DB_TABLE_MEMBER_FRIEND."
                    WHERE mid=".$MEMBER['id']." AND fid=".$id."";
            $result = $db->Execute($sql);
            if (!$result) {
                $if_error       = true;
                $error_msg[]    = $db->ErrorMsg();
            } else {
                $ajax_response->assign($name."_".$id."_value", "value", $result->fields[$name]);
            }
        }

        // show new
        if (!$if_error) {
            if ($name == "rank") {
                $ajax_response->assign("rank_".$id, "innerHTML", $result->fields['rank']);
                $ajax_response->redirect($CONFIGURE['common']['control_index']."?act=cp_friend&pag=".$sys->get['pag']);

            } elseif ($name == "remark") {
                $ajax_response->assign($name."_".$id, "innerHTML", func::str_entag($result->fields[$name], "space,br"));

            } else {
                $ajax_response->assign($name."_".$id, "innerHTML", $result->fields[$name]);
            }
        }

        // alert error
        if ($if_error) {
            $ajax_response->alert($LANGUAGE['s']['cp_friend']['rank_must_number']."\n- ".implode("\n- ", $error_msg));
        }
        return $ajax_response;
    }
    $bwajax->register(XAJAX_FUNCTION, "set_value_onblur");

    $total_record = func::db_count_record(DB_TABLE_MEMBER_FRIEND, "mid=".$MEMBER['id']);
    $bwpage->set_record_listnum($CONFIG['page_record_cp_friend']);
    $bwpage->set_record($total_record);
    $bwpage->page($CONFIGURE['common']['control_index']."?act=cp_friend&pag=%s");
    $sql = "SELECT f.*
            FROM ".DB_TABLE_MEMBER_FRIEND." f
            WHERE f.mid=".$MEMBER['id']."
            ORDER BY f.rank
            LIMIT ".$bwpage->record_listfirst.",".$bwpage->record_listnum;
    $result = &$db->Execute($sql);
    if (!$result) {
        echo $db->ErrorMsg();
    } else {
        while (!$result->EOF) {

            $member_info = $sys->return_member_info($result->fields['fid'],
                           array("username,point", "mg_id,mg_name,mg_icon"));

            $sys->area_current = array();
            $friend[] = array(
                'mid'               => $result->fields['mid'],
                'fid'               => $result->fields['fid'],
                'remark'            => $result->fields['remark'],
                'time_created'      => $result->fields['time_created'],
                'rank'              => $result->fields['rank'],
                'm_username'        => $member_info['m_username'],
                'm_area_id'         => $member_info['m_area_id'],
                'mg_id'             => $member_info['mg_id'],
                'mg_name'           => $member_info['mg_name'],
                'mg_icon'           => $member_info['mg_icon'],
            );
            $result->MoveNext();
        }
    }

    $t->assign(array(
        "friend"       => $friend,
        "pagination"   => $bwpage->pagination,
    ));
}
$public_var['page_place'][] = $LANGUAGE['s']['cp_friend']['page_place_upper'];
$public_var['page_place'][] = $LANGUAGE['s']['cp_friend']['page_place'];
?>
